1 Introduction

Ansible is an IT automation tool. It can configure systems, deploy software, and orchestrate more advanced IT tasks such as continuous deployments or zero downtime rolling updates.

Ansible’s goals are foremost those of simplicity and maximum ease of use. It also has a strong focus on security and reliability, featuring a minimum of moving parts, usage of OpenSSH for transport (with an accelerated socket mode and pull modes as alternatives), and a language that is designed around auditability by humans – even those not familiar with the program.

We believe simplicity is relevant to all sizes of environments and design for busy users of all types – whether this means developers, sysadmins, release engineers, IT managers, and everywhere in between. Ansible is appropriate for managing small setups with a handful of instances as well as enterprise environments with many thousands.

Ansible manages machines in an agentless manner. There is never a question of how to upgrade remote daemons or the problem of not being able to manage systems because daemons are uninstalled. As OpenSSH is one of the most peer reviewed open source components, the security exposure of using the tool is greatly reduced. Ansible is decentralized – it relies on your existing OS credentials to control access to remote machines; if needed it can easily connect with Kerberos, LDAP, and other centralized authentication management systems.[1]

The documentation is enough complete and well done to avoid rewriting things here. However some tricky things can be done and that's what I'm trying to cover here.

2 Installation

To install Ansible, you have 2 choices:

aptitude

aptitude install ansible

Or with pip (require python-pip):

pip

pip install ansible

3 Usage

3.1 Multiple conditions

If you want to set multiple condition, it can sometimes be complicated. Here is an example with 'or' and 'and':

3.4 Force handler to apply

Ansible handlers are defined in a handlers section or file and are called at the end of each play1) if they have been triggered. This is useful as it means you can have multiple tasks trigger another action, but ensure that the triggered action only runs once:[2]